1. GENERAL
1.1 Within Norstedts Förlagsgrupp, we care about your personal privacy and always strive for a high level of data protection. This Privacy Policy explains how the company collects and uses the personal data of copyright holders and/or contractors. It describes your rights and how you can enforce them.
2. What is personal data and what is processing of personal data?
Personal data is all types of information that directly or indirectly relate to a physical person who is still alive. For example, images and sound recordings that are processed in a computer may be regarded as personal data, even if no names are mentioned. Encrypted data and different types of electronic identity (e.g. IP numbers) are regarded as personal data if they can be linked to natural persons.
Processing is everything that is done to personal data. Each measure taken using personal data constitutes processing, regardless of whether such measure is undertaken automatically or manually. Examples of common forms of processing include collection, registration, organisation, structuring, storage, processing, transfer and deletion.
3. PERSONAL DATA MANAGER
Norstedts Förlagsgrupp AB, corporate ID no. 556045-7748, is the Personal Data Manager for the processing of personal data carried out by Norstedts Förlagsgrupp. You can find information about how to contact us further down in this document.
4. WHEN DO WE COLLECT PERSONAL DATA?
4.1 Norstedts Förlagsgrupp collects personal data about you in the following context, e.g. if:
5. WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSE (WHY)?
5.1 For copyright holders
5.1.1 Purpose
To manage our relationship with you and manage your intellectual property rights.
5.1.2 Processing carried out
5.1.3 Categories of personal data
5.1.4 Legal basis
Completion of our related undertakings or in accordance with agreement.
5.1.5 Storage and deletion of personal data
We store your personal data for as long as the contractual relationship with us and the management of your rights lasts and up to a maximum of 6 months thereafter. After the end of the contract, we save ISBN information, name of the copyright holder and title (“article information”) in our list of the company’s published works. Copies of all agreements entered that are linked to a work, and, in some cases, also the correspondence that resulted in the production of that work are also filed for company history purposes and in the public interest for future research purposes in the company history archive at the Swedish Centre for Business History.
5.1.6 Contact for your privacy questions
For questions concerning privacy issues and personal data, get in touch with your contact person at the relevant publisher.
5.2 For contractors
5.2.1 Purpose
To be able to manage our relationship with you and your participation in our production process.
5.2.2 Processing carried out
5.2.3 Categories of personal data
5.2.4 Legal basis
Completion of our related undertakings or in accordance with agreement. If this information is not provided, our undertakings cannot be fulfilled and we may refuse entry into an agreement with us.
5.2.5 Storage and deletion of personal data
The storage period is as long as the duration of the agreement and a maximum of up to 6 months thereafter. To the extent a contractor is involved in the creation of the work, we also save ISBN information, name of the copyright holder/contractor and title of the work (“article information”) in our list of the company’s published works after the agreement has expired. Copies of all agreements entered that are linked to a work, and, in some cases, also the correspondence that resulted in the production of that work are also filed for company history purposes and in the public interest for future research purposes in the company history archive at the Swedish Centre for Business History.
5.2.6 Contact for your privacy questions
For questions concerning privacy issues and personal data, get in touch with your contact person at the relevant publisher.
6. DATA SECURITY AND PRIVACY
The security, privacy and confidentiality of your personal data is very important to us. We have implemented technical, administrative and physical security measures that are designed to protect your personal data from unauthorised disclosure, use and change. From time to time, we evaluate these measures in order to investigate whether additional measures are required or whether existing ones need updating. Please note that, despite taking all reasonable measures, there are no security measures that are 100% secure.
7. WHO MAY WE SHARE YOUR PERSONAL DATA WITH?
7.1 Norstedts Förlagsgrupp may disclose your personal data to group companies, partners and other third parties for the purpose of fulfilling the agreement with you or for the execution of agreements with Norstedts Förlagsgrupp's suppliers and partners, “personal data processor”, in areas such as IT, payments, marketing and distribution.
7.2 If personal data is disclosed to the personal data processor that process personal data on behalf of Norstedts Förlagsgrupp as described above, we will enter into an Data processing agreement with this party. We only engage the services of personal data processors that provide adequate guarantees that they will implement appropriate technical and organisational security measures.
7.3 When your personal data is shared with personal data processors, it is done solely for purposes that are compatible with the purposes for which we collected and processed the information (e.g. in order to be able to satisfy our undertakings).
7.4 Personal data may also be disclosed to independent personal data managers, e.g. a bank for payment of remuneration or if it is necessary in order to comply with applicable laws or requirements from authorities, to safeguard the legal interests of Norstedts Förlagsgrupp’s, or to detect, prevent or highlight instances of fraud and other security or technical problems. For this group, we do not enter into a personal data processor agreement as they control the processing of personal data in accordance with their own terms and privacy policies.
8. WHO MAY WE COLLECT YOUR PERSONAL DATA FROM?
In addition to the information you provide us with, or which we collect from you, we may also collect personal data from other sources (“third parties”). We may collect the following information from third parties:
If such information is collected, it falls within the framework of legal basis and storage period in accordance with the purposes described herein.
9. WHERE IS YOUR PERSONAL DATA PROCESSED?
9.1 We always strive to ensure that your personal data is processed within the EU/EEA, and that all our own IT systems are located within the EU/EEA. In the event of an exception from this, i.e. data is transferred to a “third country” outside the EU/EEA, the personal data processor may, as is the case with personal data processors based within the EU/EEA, only view information that is relevant to the purpose. We also ensure that a security level can be established as if the assistant were stationed within the EU/EEA.
9.2 Personal data may also be transferred to a “third country” in instances where rights to a work are sold onto another country. However, this only happens if an adequate level of security can be guaranteed or if appropriate security measures are implemented.
10. YOUR RIGHTS
10.1 You are entitled to have access to the personal data we have registered about you. You may, at no additional charge, receive information about what personal data Norstedts Förlagsgrupp processes about you and why. In addition, you are also entitled to have inaccurate, misleading or incomplete information corrected, anonymised or deleted. You are also entitle to request that we limit the processing of your personal data, object to the processing of personal data or object to the type of personal data processing we carry out. Please note, some of these rights only apply in specific situations, such as the right to transfer data to third parties, i.e. data portability and which only apply in instances where processing is based on an agreement or consent, and that processing is done automatically.
10.2 Should you require help with any of the above or about any other aspect pertaining to your personal data, please contact us via the contact routes provided for each purpose and we will assist you.
10.3 You are also entitled to refer to the supervisory authority at any time if you believe that your personal data is being processed by us in violation of applicable data protection legislation. In such instances, contact the Swedish Data Protection Authority. You can find the appropriate contact details here: www.datainspektionen.se
11. Exemptions from GDPR
The following personal data processing is exempt from the terms of the General Data Protection Regulation (GDPR):
The above is underpinned by the following:
12. AMENDMENTS TO THE PRIVACY POLICY
This Privacy Policy may be adjusted from time to time. Should Norstedts Förlagsgrupp make any significant changes to the Privacy Policy, we will inform you before such changes come into force. The Privacy Policy will also be published on our websites:
__________________
Last updated 21.05.2018/Norstedts Förlagsgrupp AB
De senaste nyheterna om våra böcker och författare! Tips på evenemang och aktiviteter.